2017 BEST PRACTICEs CONFERENCES SERIES - BOOK YOUR PLACE TODAY!
EUROPE, Middle EAST & AFRICASTARTS IN:
NORTH and south americasSTARTS IN:
ORLANDO, FL USA
asia pacificSTARTS IN:
KOTA KINABALU, MALAYSIA
Pindrop Security - ContactCenterWorld.com Blog
Page: 1 | 2
As the implementation of voice biometrics has become increasingly popular as a form of identification and authentication, researchers are challenged with determining how users’ voices change over time. New research shows that voices age significantly, even in the short term, making positive authentication more difficult with just voice biometrics alone.
One obstacle making the measurement of voice aging difficult is that every speaker’s voice ages uniquely and at a different rate. There is no universally accepted factor that can be applied to a known authentic recording to compensate for aging.
“Voice biometrics aren’t accurate enough on their own. You have to add other factors like spoofing detection and phoneprinting,” said Dr. Elie Khoury, a principal research scientist at Pindrop, who has conducted a long-term study on voice aging. Khoury will deliver an eye-opening presentation on his results at the RSA Conference today.
Biometrics have gained popularity in both consumer and enterprise applications for a number of reasons, specifically their trusted persistence. Most fingerprints and irises don’t change much over time, so these traits can serve as accurate long-term identifiers. But voice is different. Small changes in a user’s voice can have a direct impact on scoring models and result in false acceptances or rejections.
In a two-year study of 122 people — native speakers of English, Dutch, French, German, Spanish, and Italian — Khoury found that the expected error rate (EER) of positively identifying a given speaker increased significantly over time. In fact, the EER nearly doubled over the two-year the study. And it’s not just one trait that changes in a speaker’s voice, either.
“There’s a change in the pitch and the speed of the speech. When you compute the score, it will decrease slowly over time,” Khoury said. “That’s what’s risky for voice biometrics. The score should remain as high as possible for a match. Aging can make false detection or rejection go up over time. And the pitch will change multiple times during a lifetime.”
There also a number of additional factors, besides age, that can contribute to variances over time, including the emotional state, stress levels, health, and vocal effort of the speaker, all of which can have an effect on accurate identification, Khoury said. Compensating for these factors is the challenge for researchers looking to improve the accuracy of voice models.
Publish Date: February 17, 2017
Aite Group, an independent research and advisory firm focused on business, technology, and regulatory issues, interviewed 25 executives at 18 of the top 40 largest U.S. financial institutions based on asset size in order to provide an evaluation of the current state of fraud. New research proves that contact centers are being attacked more than ever before. Aite’s Senior Analyst, Shirley Inscoe, joined Pindrop’s Director of Research, Dr. David Dewey, to discuss the growing threat of fraud in the contact center during this session.
With the rollout of EMV chip cards, fraudsters have redirected their attacks to the contact center for data mining and account takeover. Sixty-one percent of fraud can be traced back to the contact center, but it doesn’t end there – fraud is a cross-channel problem. Many enterprises fail to identify the contact center as the root cause of fraud loss, enabling fraud in others channels, such as debit card, credit card, and check order takeover. Meanwhile, fraudsters are capitalizing on this misdiagnosis and targeting the contact center as the weakest link in security.
Contact center fraud loss is expected to double from $393M to $775M by 2020. As chip cards continue to gain momentum in the United States, organized fraud rings will continue targeting the phone channel, replacing traditional counterfeit card fraud. Current authentication factors in the contact center often fail due to the data fraudsters acquire through social engineering tactics in order to reset account credentials. Armed with data, organized fraud rings probe agents at enterprises for the information they need to access customer funds, and the point of least resistance is often the contact center.
Publish Date: November 30, 2016
The wealth of information housed by contact centers can be leveraged by fraudsters for data mining and cross-channel attacks. In an effort to prevent phone fraud, many businesses implement authentication methods; however, most fail to administer the authentication required to provide a layered defense system. As social engineering and fraud technologies have become more advanced, standard authentication methods have proven to become less sufficient. “You have to assume the criminals can get through one layer [of authentication]; they can get through two, they can even get through three,” says Avivah Litan, Vice President with the consultancy Gartner. “But if you have multiple layers, up to five, and you’re continuously authenticating that user and continuously looking at their activities against their profile, you should be in pretty good shape.”
Multiple layers of security allow organizations to meet regulatory requirements and effectively safeguard customer data. Knowledge-based authentication (KBA), has served as a standard authentication method for years; however, 10-15% of KBA fails entirely, proving that authentication requires another layer of security in order to ensure data protection. A layered approach to authentication starts with “protecting the endpoint, trying to secure the browser, going all the way up to looking at the navigation, building profiles of users and accounts and looking for anomalies, doing that across channels,” says Litan. This kind of identity assessment analyzes endpoint and user data, metadata, and ehavior as it identifies linkages across and between entities.
Publish Date: September 28, 2016
Fraud poses a substantial risk to the integrity of federal programs and weakens the public’s trust in government. Though government agencies have made great strides in online security over the past few years, they have neglected to implement similar protections for the phone channel.
Fraudsters commonly use the call center as a first step in launching a fraud attack. By impersonating a citizen over the phone, fraudsters are able to gather private financial or personal information. Agencies that hold significant amounts of personal data, like the IRS and Social Security Administration, are particularly at risk.
Today, too many government agencies are relying on outdated Knowledge Based Authentication (KBA) questions as their primary form of security over the phone channel. These questions are ineffective at stopping fraudsters, as recent data breaches have flooded the black market with the answers to these questions. Even when the fraudsters don’t already know the answers, they can use social engineering techniques to bypass security measures.
So what can government agency call centers do to more effectively solve this problem? Pindrop solutions are designed to analyze all aspects of the call to assess the true identity of the caller and detect indicators of fraud. Built around patented Phoneprinting technology, Pindrop analyzes 147 features of the call audio to determine the caller’s true location, device, and risk. Pindrop combines Phoneprinting with reputation analysis, voice biometric blacklisting, and a private enterprise consortium, which allows sharing of threat intelligence across industries.
Publish Date: September 26, 2016
Congratulations are in order if you’ve never had to experience the pleasure of being robocalled. The rampant growth of the underground phone fraud world is affecting consumers and enterprises alike. As consumers, we may experience calls telling us we are being sued by the IRS (just one of the many scams) and for enterprises, the call centers are a point of entry for costly phone phishing attacks. This shockingly small group of fraudsters are causing explosive amounts of damage, costing Americans about $7.4 billion annually, as noted by the Harris poll.
We can try to register for the Do Not Call lists and be more aware of the unfamiliar numbers calling us, but cyber criminals can easily access our data through social engineering, spoofing and inexpensive data downloads. Enterprises face a bigger challenge. Some have fraud ops teams to help deter or mitigate the risks. However, more and more fraudsters are targeting unprotected call centers. The advancement and rollout of EMV cards are partially to blame, coupled with the amount of consumer data that is readily available.
Our data scientist, Aude Marzuoli, presented at this year’s Black Hat conference on phone fraud scams and the phoneprinting technology to prevent such attacks. Marzouli and the research team reviewed millions of calls, while leveraging the Pindrop honeypot and online comments in combination with machine learning and were able to determine that of the 100,000 call recordings, 51% of the robocalls recorded were placed by 38 distinct telephony infrastructures which could be uniquely identified with more than 85% true detection rate (TDR) on average. So what does this all really mean? Fraudsters are getting more creative, more quickly, and within a small network have an exceptional, growing presence that makes protection from this abuse more challenging.
Publish Date: August 5, 2016
Black Hat Talk: Call Me…I’ll Gather Threat Intelligence on Your Telephony Scams and Expose Fraudsters
Fraudsters live and die today by executing on what some may call — prank calls. Only the punchline hits businesses in their pockets, leaving law enforcement and companies to ask, “How do we know stop them?” They are robocalls, voice phishers and caller ID spoofers using cybercrime techniques to launch scam campaigns through the telephony channel that many people have long trusted.
Black Hat, one of the premier, highly technical security conferences of the year, welcomes Pindrop Labs Research Scientist Aude Marzuoli to host a session at Black Hat USA 2016.
I am excited for Marzuoli to discuss her latest research findings on the most menacing trends of the telephony channel and describe the calling patterns she tracked via a telephony honeypot. She will share with you her original thesis and how she used Pindrop’s honeypot to gather and analyze accurate and timely information on unwanted phone calls across the United States. By determining how these bad call sources can be quickly and accurately identified using features extracted from honeypot call audio, Pindrop Labs stands to aid law enforcement and businesses across the globe that are combatting rising telephony fraud.
Using machine learning and semantic information collected from honeypot call audio, Marzuoli and her team collected over 500,000 calls over five months from 90,000+ unique source phone numbers. Leveraging this data, Pindrop Labs developed a method to “fingerprint” high-risk call sources, attempting to hide behind phone numbers, and detect them in the first few seconds of a call.
Publish Date: July 29, 2016
This week in phone fraud, Pindrop Labs released its Top 10 Consumer Phone Scams Report and Pindrop CEO, Vijay Balasubramaniyan, reveals how deep learning can transform the relationship between humans and machines.
On Thursday, USA Today reported the top three phone scams targeting consumers this year are Google listing scams, loan-related scams and fraudsters offering free vacations, an information security company called Pindrop found — by masquerading as unsuspecting customers.
Wednesday, IT Pro Portal reported that ever since humans evolved language, speech has proven to be the most efficient way for us to communicate, from the simplest requests to the most complex ideas. Now, with advances in technology, speech is poised to become the next major transformation of the user interface.
Biometric Update: Biometrics alone will not win the authentication wars – Hackers target banks and any business with a digital presence to steal people’s identities and export valuable private information. Increasingly, hackers are using impersonation methods to pose as individuals to commit fraud digitally and over the phone. Especially in the call center, where fraud is expected to grow by 97 percent between 2015-20 (Aite Group)
Helpnet Security: As voice interaction increases, what will security look like in the next 5 years? – As the accuracy of voice UI grows, it will naturally progress to a means of authentication in the enterprise. However, the enterprise should be concerned about the security implications of tomorrow and what managing voice authentication, in the daily work environment, will mean.
Publish Date: July 29, 2016
This week in phone fraud, a researcher found a way to trick the ID verification tools used by tech giants Microsoft, Google, and Instagram, and a phone scam in China targets HIV infected people.
On Thursday, Fortune reported that a researcher found a simple yet ingenious way to trick three companies— Microsoft, Google, and Facebook’s Instagram—into forking over money using nothing more than the telephone.
Thursday, New York Times reported that hundreds of people with H.I.V. across China are being called by someone who claiming to be from the government who has access to their medical records and other personal information.
NPR: Scammers Turn To Caller ID “Spoofing” To Pose as Police – Most people know to hang up on con artists supposedly calling from the power company or the IRS, demanding money. The problem is, there’s little the police can do — even when the scammers go so far as to impersonate the police themselves.
Shanghai Daily: Police in China to probe suspected phone scam targeting people with HIV – People with HIV nationwide have reportedly received phone calls from individuals claiming to work for the government. The callers allegedly attempt to collect service fees for “government subsidies for the HIV-infected.”
Publish Date: July 22, 2016
This week in phone fraud, the Federal Communications Commission passed legislation that exempts government employees and their contractors from certain regulations on robocalls.
On Tuesday, The Washington Post reported that government employees and any contractors working on their behalf are now exempt from regulations on robo-calls designed to protect consumers from annoying phone spam under a new, federal clarification on who is and isn’t allowed to place auto-dialed phone calls and text messages.
Thursday, the Consumerist reported AT&T CEO Randall “Dandy Randy” Stephenson claims his company can’t proactively block robocalls because it first needs permission from the FCC, and AT&T employees have more than a dozen different explanations for why the telecom giant has done nothing to rein in these unwanted, pre-recorded and auto-dialed calls.
Security Info Watch: Data Breach Digest: Breach trends that will define incident response – At the start of the year, Experian developed a forecast of breach trends that companies should look out for over the coming year, drawing from its experience servicing thousands of breaches each year as well as insight from expert partners in the indistry.
Yahoo Finance: Counterfeit Credit Card Fraud Reaches Lowest Level Since 2013; Other Fraud Types Increase, says Auriemma Consulting Group – The US credit card market’s move to EMV chip technology has helped reverse a years-long trend of increasing counterfeit fraud, new data from Auriemma Consulting Group (ACG) shows. Howeve, fraud in other channels is increasing.
Publish Date: July 8, 2016
This week in phone fraud, China cracks down on phone fraud rings and scammers target phone scam victims.
On Thursday, Forbes reported that Chinese authorities have busted a network of phone fraudsters in Taiwan. Fraudsters were calling Chinese citizens, claiming to be police officers or faking kidnappings. The Taiwanese fraud ring was operating in over 25 countries.
Today, the Federal Trade Commission reported on a new trend in phone fraud. Fraudsters are targeting lists of consumers who have lost money to previous phone scams. For a “small fee” upfront, the criminals promise to recover the money the consumer lost.
FEDweek: Fraud Reduction Act Clears Congress – The House has joined the Senate in passing S-2133, to require OMB to set guidelines for agencies to establish financial and administrative controls to identify and assess fraud risks. Agencies also would have to design and implement control activities in order to prevent, detect, and respond to fraud under the bill.
The Economist: Pulling the plug on robocalls – According to Consumer Reports, unsolicited telephone calls made by automatic dialing machines now comprise over a third of all calls to American homes. Worse, the majority are not just annoying telemarketing messages, but scams aimed at tricking the unwary into parting with personal information or cash.
Publish Date: June 24, 2016
This week in phone fraud, Pindrop’s CEO discusses voice authentication and Chinese and Taiwanese fraudsters arrested in Turkey.
This week, Europe Business Review spoke with Matt Peachey, VP & GM EMEA of Pindrop about the growing problem of fraud loss in the call center and how it can be addressed.
International Banker reported that research from Pindrop is leading the drive for banks and other financial institutions to turn to multiple layers of defense in an attemmpt to provide better customer service as well as protect against fraudulent activity.
Straits Times: Over $4M lost in phone scams here since March – More than $4M have been lost by victims of phone scams in SIngapre since March. Believing the scam originated in China, scammers impersonate overseas officials telling them parcels containing illegal items had been shipped in their names and they must remit money to overseas accounts as a fine.
Publish Date: June 10, 2016
Matt Haff is a UX Developer here at Pindrop. Matt works with our customers to determine how Pindrop can continue to improve our UX. He helps to prioritize UI changes and make sure that the engineering team has what they need to get the job done.
1. Why Pindrop?
- Pindrop is doing some really amazing things that are helping to shape the future and make it a safe/secure place for others. I work with some of the smartest people I know, and I’m always learning/expanding my skillset.
2. What is your favorite part about your role/Pindrop?
- I get to help shape the UI of our applications; working hand-in- hand with our customers and stakeholders to deliver a great product that people love to work with.
3. What is your professional background?
- I’ve been a front-end developer for over 10 years
4. What is your favorite thing about Atlanta?
- All the really interesting things to do, and the awesome places to grab a bite within walking distance of the office.
5. Interesting fact about you
Publish Date: June 6, 2016
The UK sees more than 2x the amount of call center fraud than the US
The UK is no stranger to phone fraud in financial institutions. The recent data compiled in Pindrop’s 2016 Call Center Fraud Report shows that 1 in every 700 calls made to enterprise call centers in the UK is fraudulent. This is over two times higher than the fraud call rate in the US.
A major factor that’s causing the high levels of fraud in the UK is the chip card technology implemented in 2004. Because chip cards make it harder to commit card-present fraud, attackers began to move towards card-not-present channels, notably the call center, to continue making fraudulent transactions.
This shift gives the US valuable insight into the future of call center fraud due to the recent transition of chip-and-pin cards stateside. According to the Aite Group, fraud attacks in the call center grew 79% in the UK following the chip card roll out.
Fraud calls in the UK are mostly domestic
72% of fraud calls to financial institutions originate within the UK. The US sees a much lower number of domestic calls at only 48%. Again, the high percentage in domestic fraud calls is linked to chip cards. When chip cards were first introduced in Europe, card-present fraudsters moved to non-physical attacks like call center fraud, rather than relocate out of the country. In addition to the UK, similar trends have been seen in other European countries who have implemented chip cards. France, for example, saw an increase in domestic card-not-present attacks by more than 360% between 2004 and 2009 (Iovation, Fighting CNP Fraud: 5 Things to Consider).
Most UK fraud comes from mobile devices
UK financial institutions see 64% of fraud calls coming from mobile devices, while the US only sees 37%. In the UK, it is easier to program mobiles phones to show a restricted caller ID. In fact, 70% of fraud calls in the UK use a restricted caller ID rather than spoofing a phone number, a common trick in the US.
Publish Date: June 2, 2016
This week in phone fraud, cheap technology makes phone fraud easy and Pindrop analyzes 10 million calls for latest research.
This week, Wall Street Journal reported that telephone scammers posing as tech support, lottery reps or even government officials are inundating U.S. homes as cheap technology and the rapid rise in Internet access globally makes it easier to set up an unlawful phone operation.
Bankless Times reported that Pindrop’s analysis of more than 10 million calls to UK and US-based enterprise call centers looks at vertical impact, attacker device type and location along with trends and vectors used by organized crime groups.
On the Wire: Phone Fraud Scam Targets College Students For ‘Federal Student Tax’ – The FTC is warning about a new variant on phone fraud scams that attempts to bully college students into paying a non-existent student tax. The scam is similar to many of the IRS phone scams that have been ongoing for several years, but with the novelty of pressuring students who likely are much more vulnerable.
Publish Date: May 27, 2016
This week in phone fraud, Pindrop’s Director of Research discusses data from the 2016 Call Center Fraud Report.
This week, Pindrop’s Director of Research sat down with On the Wire to discuss the data in Pindrop’s 2016 Call Center Fraud Report. The report shows a 45 percent increase in call center fraud since 2013.
Business Review Europe spoke with Matt Peachey, Pindrop’s VP and GM of EMEA about cybercriminals targeting the weakest link of financial institutions – the phone channel.
CU Insights: Preventing social engineering attacks: How credit unions are missing the mark – While credit unions focus on technical defenses, social engineers are completely bypassing them using phishing, ransomware, and phone calls.
Publish Date: May 20, 2016
Page: 1 | 2